使用Http绕过证书错误 [英] Bypass Certificate Error Using Http

问题描述

我尝试创建访问第三方API的代理服务器，但它们的开发终点有证书错误。使用http.dart时是否还有绕过ssl错误？

I'm trying to create a proxy server that access third-party API, but their development end point have certificate error. Is there anyway to bypass ssl error when using http.dart?

import 'package:http/http.dart' as http;

Uri url = Uri.parse("https://url-with-ssl-error.com/endpoint");
http.get(url).then((response) => print(response.body));

，并返回以下错误：

Uncaught Error: SocketIOException: RawSecureSocket error (Unexpected handshake error in client) (OS Error: errno = -8172)
Unhandled exception:
SocketIOException: RawSecureSocket error (Unexpected handshake error in client) (OS Error:  errno = -8172)
#0      _FutureImpl._scheduleUnhandledError.<anonymous closure> (dart:async/future_impl.dart:207:9)
#1      Timer.run.<anonymous closure> (dart:async/timer.dart:17:21)
#2      Timer.run.<anonymous closure> (dart:async/timer.dart:25:13)
#3      Timer.Timer.<anonymous closure> (dart:async-patch:15:15)
#4      _Timer._createTimerHandler._handleTimeout (dart:io:6990:28)
#5      _Timer._createTimerHandler._handleTimeout (dart:io:6998:7)
#6      _Timer._createTimerHandler.<anonymous closure> (dart:io:7006:23)
#7      _ReceivePortImpl._handleMessage (dart:isolate-patch:81:92)

推荐答案

错误-8172表示Peer的证书颁发者已被标记为不受用户信任。

Error -8172 means that 'Peer's certificate issuer has been marked as not trusted by the user.'

如果您可以访问原始套接字，请 connect 方法允许您通过提供 onBadCertificate 回调来指定在坏证书的情况下做什么。但是，我不知道你的代码示例中的 http 对象的确切类型，所以我不能告诉你是否可以解决这个问题。我认为它可能是一个 HttpClient 实例，但它没有一个 get 方法，它接受一个URI，所以我我不确定。如果它是你自己的类，也许你有访问底层安全套接字，所以你仍然可以使用 onBadCertificate 。

If you had access to the raw socket, then connect method allows you to specify what to do in case of bad certificate by providing onBadCertificate callback. However, I am not sure what is the exact type of http object in your code sample, so i can't tell whether you can workaround this or not. I thought it might be an HttpClient instance but it doesn't have a get method which takes a URI, so I am not sure. If it is your own class, maybe you have access to underlying secure socket so you can still use onBadCertificate.

此外，对于服务器套接字，您不能依赖隐式 SecureSocket.initialize（） 调用。您需要使用证书数据库信息显式调用它。

Additionally, for server sockets, you can't rely on implicit SecureSocket.initialize() call. You need to call it explicitly with certificate db info.

这篇关于使用Http绕过证书错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！